On Tue, 15 Aug 2006, Robert Fargher wrote: > Still, it'd be nice to be able to have greater control over what is being > logged. In 24 hours, the exim main log was about 300 MB due to these > dictionary attacks being rejected.
I didn't implement a log selector for this because I assumed that sysadmins would want to know when their MTAs were rejecting stuff. However, I see the issue when logs get enormous because of dictionary attacks. A selector such as "do not log RCPT rejects" would be efficient, but rather heavy handed. Maybe something better would be an ACL control, so that you could choose when not to log something. For example, you could then log attempts to relay, but not log dictionary attacks on unknown users. Noted for thinking about. -- Philip Hazel University of Cambridge Computing Service Get the Exim 4 book: http://www.uit.co.uk/exim-book -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
